Permalink
Switch branches/tags
Commits on Jun 20, 2018
  1. documentation rebuild

    elukey committed Jun 20, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833952 13f79535-47bb-0310-9956-ffa450edef68
  2. Remove some trailing spaces to synch trunk with 2.4

    Christophe Jaillet
    Christophe Jaillet committed Jun 20, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833941 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 19, 2018
  1. mod_cache: Per RFC 7234 section 5.3 an invalid

    Rainer Jung
    Rainer Jung committed Jun 19, 2018
    Expires header value must be interpreted as a
    time in the past. So apply the logic concerning
    "CacheStoreExpired" and "max-age" and "s-maxage"
    handling, which we are already using for a valid
    Expires header containing a time in the past,
    also to the case of an invalid Expires header.
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833876 13f79535-47bb-0310-9956-ffa450edef68
  2. mod_ratelimit: fix behavior with proxied content

    elukey committed Jun 19, 2018
    mod_ratelimit works by splitting data in "chunks"
    to send to the client, sleeping a predefined amount
    of time between them (200ms). So for example,
    a rate-limit 40 value would correspond to a chunk size
    of 8192 bytes, flushed to the client every 200ms.
    
    The idea works fine when httpd directly serves the
    content, since the filter will be called once with
    a single bucket brigade. In the context of a proxied
    content though the filter is likely to be called multiple
    times, with a bucket brigade size that corresponds to
    the maximum allowed buffer size. If this value is lower
    or higher than the chunk size, the filter will not
    properly rate limit the data going to the client.
    
    This patch solves the problem with two fix:
    1) do_sleep is now stored in the ctx context struct,
       so if the filter is invoked multiple times it
       will still sleep when needed. For example, say
       that the chunk_size is 8192 and the bucket brigate
       len is 10240: the filter will flush 8192 bytes
       on the first invocation, sleep 200ms, flush the
       remaining bytes and then finish. The next invocation
       will do the same, clearly not leading to the
       correct "sleeping pattern".
    2) The example above highlights also another issue:
       mod_ratelimit should  flush only chunk_size bytes
       at the time (I am now excluding the burst calculation
       from the picture), and buffer between invocations
       unless the brigade contains EOS.
    
    The change has been tested with various scenarios and
    it looks working as expected, but of course more
    feedback/testing is welcome.
    
    The original patch was written by me and then Yann
    refactored the code to be more precise and efficient,
    basically transforming an axe in a wonderful Japanese
    katana sword, so credits to him for this work.
    
    PR: 62362
    
    
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833875 13f79535-47bb-0310-9956-ffa450edef68
  3. add server_rec to log.c fatal startup errors

    covener committed Jun 19, 2018
    Not strictly necessary for trunk, but in 2.4.x if the main ErrorLog is
    using syslog, these messages are lost.  In trunk, the low-level logging
    routines reach up and find the syslog provider when no server_rec is provided
    but that backport is stalled.
    
    
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833827 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 15, 2018
  1. mod_ssl: build with LibreSSL.

    ylavic committed Jun 15, 2018
    LibreSSL seems to be openssl-1.1 API compatible only in version 2.8 (master).
    So use that for MODSSL_USE_OPENSSL_PRE_1_1_API instead of 2.7, the two 2.7
    compatibility-exceptions are handled explicitely but overall it's simpler.
    
    Regarding CRYPTO_malloc_init vs OPENSSL_malloc_init, libreSSL uses none, the
    former used to be a no-op but depends is LIBRESSL_INTERNAL in latest versions,
    while the latter has never been (and will never be) defined. So don't call any
    with LibreSSL.
    
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833598 13f79535-47bb-0310-9956-ffa450edef68
  2. mod_ssl: use SSL_HAVE_PROTOCOL_TLSV1_3 to check for compiled in TLS 1.3.

    ylavic committed Jun 15, 2018
    More meaningful than SSL_OP_NO_TLSv1_3, hopefully...
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833589 13f79535-47bb-0310-9956-ffa450edef68
  3. mod_ssl: disable check for client initiated renegotiations with TLS 1.3.

    ylavic committed Jun 15, 2018
    This is already forbidden by the protocol, enforced by OpenSSL, and the
    current logic can't work (ssl_callback_Info() may be called multiple times
    with TLS 1.3).
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833588 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 13, 2018
  1. Follow up to r1833368: share openssl between modules.

    ylavic committed Jun 13, 2018
    Both libapr[-util], mod_ssl, mod_crypto and mod_session_crypto can use the
    same crypto library (e.g. openssl), use the new APR crypto loading API so
    that they can work together and initialize/terminate the lib approprietly,
    either once for all or on demand and reusable by the others.
    
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833452 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 12, 2018
  1. Remove extra and un-needed ""

    Christophe Jaillet
    Christophe Jaillet committed Jun 12, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833416 13f79535-47bb-0310-9956-ffa450edef68
  2. apr_pcalloc can be turned into apr_palloc (the allocated memory is fu…

    Christophe Jaillet
    Christophe Jaillet committed Jun 12, 2018
    …lly initialized by the subsequent memcpy/strcpy) and '(int)strlen(p)' can be replaced by 'plen - 1' to save some cycles.
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833415 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 11, 2018
  1. Make use of the new apr_crypto_rng API if available.

    ylavic committed Jun 11, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833368 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 9, 2018
  1. Rebuild.

    Lucien Gentis
    Lucien Gentis committed Jun 9, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833242 13f79535-47bb-0310-9956-ffa450edef68
  2. XML update.

    Lucien Gentis
    Lucien Gentis committed Jun 9, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833241 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 7, 2018
  1. * configure.in, Makefile.in: Handle no-test-suite case through

    notroj committed Jun 7, 2018
      check-no rule.  Only regenerate the test suite on repeated
      "make check" run if a header file has changed.
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833122 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 6, 2018
  1. Avoid cyclic dependency by moving ap_set_etag() from module http to c…

    ylavic committed Jun 6, 2018
    …ore.
    
    This function, along with ap_make_etag(), is used by the default_handler in
    core.c, and in several modules other than builtin mod_http, breaking static
    linking and httpdunit tests build.
    
    The move is done by "svn move modules/http/http_etag.c server/util_etag.c".
    MMN major bumped, not backportable (as is) to 2.4.x.
    
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833083 13f79535-47bb-0310-9956-ffa450edef68
  2. * modules/http/http_request.c (ap_process_request_after_handler,

    notroj committed Jun 6, 2018
      ap_process_request): Cache and retrieve the brigade structure used
      to send EOR and FLUSH between requests in c->pool userdata, to avoid
      allocating a brigade structure per-request out of c->pool.
    
    Submitted by: rpluem, jorton
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833014 13f79535-47bb-0310-9956-ffa450edef68
  3. mod_ssl: after code review, changed:

    Stefan Eissing
    Stefan Eissing committed Jun 6, 2018
     * eliminated SSLPolicyRec as name no longer used
     * eliminated some left over parameters in internal functions due to policy def removal
     * reverted a NULL test, necessary before
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832994 13f79535-47bb-0310-9956-ffa450edef68
  4. * modules/proxy/mod_proxy_hcheck.c (sctx_t, hc_create_config):

    notroj committed Jun 6, 2018
      Remove unused bucket allocator created off pconf.
      Tag the subpool.
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832991 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 5, 2018
  1. * modules/proxy/proxy_util.c (ap_proxy_share_worker): Skip creating s…

    notroj committed Jun 5, 2018
    …ubpool
    
      for debugging unless debug-level logging is enabled.  No functional change.
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832951 13f79535-47bb-0310-9956-ffa450edef68
  2. * mod_proxy_http2: ressurrecting some of the good parts of r1831231 …

    Stefan Eissing
    Stefan Eissing committed Jun 5, 2018
    …and using memcpy instead of strncpy to make intentions more clear
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832937 13f79535-47bb-0310-9956-ffa450edef68
  3. * integrating latest changes from microgrit

    Stefan Eissing
    Stefan Eissing committed Jun 5, 2018
     * MDNotifyCmd can now specify arguments to the command
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832935 13f79535-47bb-0310-9956-ffa450edef68
  4. Fixing h2 proxy link header mapping to substitute correctly again aft…

    Stefan Eissing
    Stefan Eissing committed Jun 5, 2018
    …er r1831231 breakage.
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832934 13f79535-47bb-0310-9956-ffa450edef68
Commits on Jun 4, 2018
  1. image size 0x34000 exceeds specified maximum 0x30000

    Gregg Lewis Smith
    Gregg Lewis Smith committed Jun 4, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832880 13f79535-47bb-0310-9956-ffa450edef68
  2. build mod_proxy before mod_proxy_http2

    Gregg Lewis Smith
    Gregg Lewis Smith committed Jun 4, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832879 13f79535-47bb-0310-9956-ffa450edef68
Commits on May 31, 2018
  1. These are in 2.4.x

    jimjag committed May 31, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832613 13f79535-47bb-0310-9956-ffa450edef68
  2. Follow up to r1832580: correct CHANGES entry.

    ylavic committed May 31, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832581 13f79535-47bb-0310-9956-ffa450edef68
  3. mod_remoteip: Fix RemoteIP{Trusted,Internal}ProxyList loading broken …

    ylavic committed May 31, 2018
    …by 2.4.30.
    
    Overwriting server config in pre_config hook breaks EXEC_ON_READ directives,
    it's automatically created on purpose anyway.
    
    PR 62220.
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832580 13f79535-47bb-0310-9956-ffa450edef68
Commits on May 29, 2018
  1. Axe backported entries.

    ylavic committed May 29, 2018
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832497 13f79535-47bb-0310-9956-ffa450edef68
Commits on May 28, 2018
  1. Rpm: fix the location of the PID file so as to avoid timeout

    minfrin committed May 28, 2018
    delays on systemd.
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832383 13f79535-47bb-0310-9956-ffa450edef68